为了降低船舶网络风险,提升船舶网络韧性,结合船舶网络系统的结构特点和应用现状,分析其存在的脆弱性和面临的网络威胁。以某国际航行的化学品船为例,采用“纵深防御”理念,兼顾安全性原则和实用性原则,从船载计算机系统和设备的内在安全功能、船舶网络的识别、保护、检测、响应和恢复这6个方面探讨船舶网络系统的设计和防护策略。研究结果可为同类船舶网络系统的设计和优化提供参考。
To mitigate cyber risks and enhance cyber resilience of ship network, this paper analyzes the vulnerabilities and cyber attacks faced by onboard systems and devices based on their structural characteristics and application status. Taking an international chemical tanker as an example, the paper explores the design and protection strategies of ship network systems from six aspects-inherent security capabilities of computer-based systems and devices onboard, identify, protect, detect, respond, and recover of ship network by adopting the concept of "defense in depth", also balancing the principles of safety and practicality. The research results can serve as a reference for the design and optimization of similar ship network.
2025,47(20): 175-180 收稿日期:2024-12-31
DOI:10.3404/j.issn.1672-7649.2025.20.027
分类号:U622.9
基金项目:工信部高技术船舶专项资助项目(工信部重装函[2022]295)
作者简介:李路(1990-),女,硕士研究生,研究方向为船舶网络安全、船舶电气
参考文献:
[1] 邓林义. 远洋商用船舶网络安全防护法规规范[J]. 船舶工程, 2023, 45(11): 43-47.
[2] 吴中岱, 王振辉, 韩德志, 等. 智能船舶网络安全及防护技术研究综述[J]. 舰船科学技术, 2024, 46(10): 1-8.
[3] IMO. MSC-FAL. 1/Circ. 3 Guidelines on maritime cyber risk management [S]. 2017.
[4] BIMCO. The guidelines on cyber security onboard ships 2020 [S]. 2020.
[5] IACS. UR E26 Cyber resilience of ships [S]. 2023.
[6] IACS. UR E27 Cyber resilience of on-board systems and equipment [S]. 2023.
[7] DCSA. Implementation Guide for cyber security on vessels v1.0 [S]. 2020.
[8] 周毅, 李萌, 张海涛, 等. 船岸一体化数据管理系统的网络安全技术[J]. 船海工程, 2021, 50(3): 73-76.
[9] 吴中岱, 韩德志, 蒋海豹, 等. 海洋船舶通信网络安全综述[J]. 计算机应用, 2024, 44(7): 2123-2136.
[10] 刘冬, 于盟, 刘阳, 等. 我国航运网络安全风险分析及防护建议[J]. 工业信息安全, 2022(6): 60-64.
[11] IACS. REC. 171 Recommendation on incorporating cyber risk management into Safety Management Systems [S]. 2022.
[12] ISO. ISO 23799 - Ships and marine technology -Assessment of onboard cyber safety [S]. 2024.
